Cyber Security Threat Hunter
A little about us
Johnson Matthey is the global leader in sustainable technologies, applying our cutting-edge science to create solutions with our customers that make a real difference to the world around us. Our science and research help to reduce pollution, relieve pain, restore hearing and boost crops.
Behind all of this, we’re an international business made up of many extraordinary parts. We have been in business for over 200 years. From a single office in London in 1817, we've built a global presence with significant operations in more than 30 countries. We support our customers' needs from 43 major manufacturing sites all around the globe, providing consistency and quality wherever they are.
Johnson Matthey employees own what they do. We take the initiative, seek clarity and demand high standards from ourselves and our colleagues. We encourage collaboration inside JM and out, sharing and embracing diverse viewpoints and tackling problems together.
Our focus is to protect people and the planet. We do the right thing, for people and for the world. We do what we say we’ll do, expect the same of each other and speak up when there’s a problem. We place importance on relationships internally and externally, treating others with respect and care.
What we need
We are actively seeking a Cyber Security Threat Analyst to be based in Royston.
The Cyber Security Threat Analyst works within the CISO function to proactively search the JM estate for evidence of malicious activity in our systems and networks, and to find ways of identifying behaviours that are evading current controls, in order to mitigate these risks and improve JM’s cyber security posture. The role will also assure the effectiveness of existing IT security controls.
GENERAL DUTIES AND RESPONSIBILITIES:
- Hunting for malicious or anomalous activity across the enterprise, using existing tools
- In co-ordination with the wider cyber security team, lead the development and implementation of search capability focused on identifying potentially sophisticated APTs and insider threat activities within the organisation
- Researching new and existing threat actors and associated tactics, techniques and procedures (TTPs); developing a detailed understanding of their potential impact to the organisation, providing recommended solutions for improving our defensive and detective capability
- Collaboration with the wider Cybersecurity functions, e.g. Security Operations, to develop hypotheses for new attack techniques and evasion methods
- Coordinating threat hunting activities, leveraging intelligence from multiple internal and external sources.
- Test and assure the effectiveness of existing JMIT controls
- Developing a forward-facing security testing timetable using internal and external resources
GENERAL KNOWLEDGE, SKILLS AND ABILITIES:
- Knowledge and experience of IT security controls and supporting security investigations
- Ability to communicate with senior management to articulate information security risks in business terms.
- Ability to convey and explain complex technical information to technical staff
- Demonstrable experience in technology security-related roles, with demonstrable experience of identifying and managing information security risks in complex or critical scenarios
- Understanding of enterprise IT infrastructure and architectures
- Information security management qualifications such as CISSP, CISM
Technical and/or practical experience of:
- Offensive and Defensive cyber techniques
- SIEM software
- Security Incident Management Processes
- eDiscovery processes and tooling
- Forensic tooling and techniques
- Security software knowledge including threat detection tooling, AV, network security, and host-based security technologies
- Deep knowledge of Windows and Linux
- MS Office
- Industry standards such as ISO 27001 and ITIL